IN THE CLAIMS: 



Please cancel claims 8, 9, 10, 12. 
Please amend claims/1, 3, 7, 11, 15 
Keep original claims 2, 4, 5, 6, 13 
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1. (Currently Amended) A system for enabling asynchronous 
authentication of a non-preauthenticated client -User means in a 
Kerberos domain servicing multiple requesting non-preauthenticated 
clients while eliminating any delays due to multiple concurrent 
authentication requests, said system comprising: 

(a) client-User means (10) for requesting 
authentication from a client- server means (13) ; 

(b) client- server means (13) for communicating with a 
Kerberos server means (20) for developing a specific 
set of credentials for [ [said single] ] each client 
requesting authentication; 

(c) said Kerberos server means (20) for developing an 
asynchronous authentication response and a Ticket 
Granting Service to said client-server means (13) . 
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2. (Original) The system of Claim 1 wherein said client-User means 
(10) includes: 

(al) multiple client-Users who may concurrently 
seek authorization to utilize said client -server. 
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3. (Currently Amended) The system of claim 1 wherein said Kerberos 
server means (20) includes: 



(cl) means to return an authentication response to 
said client- [ [Server] ] server means; 

(c2) means to return a Ticket Granting Service 
signal to said client -server means. 
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4. (Original) The system of claim 1 wherein said client-server 
means includes: 

(bl) communication means (MARC40, COMS42) for 
exchanging information between a requesting 
principal or client -User, a Master Control 
Program, a General Security Service Library 

(6SS38) , and a Kerberos Support Library (KSL34) ; 

(b2) said Master Control Program (60) for 
controlling said communication means, said General 
Security Service Library and said Kerberos Support 
Library (34); 

(b3) said General Security Service Library (GSS38) 
providing multiple threads for handling multiple 
concurrent requests for authentication; 

(b4) said Kerberos Support Library (34) for 
developing and storing specific authentication 
credentials for each validated client -User 
authentication request. 



awk\amd\470L.doc 



5. (Original) The system of claim 4 wherein said Kerberos Support 
Library (34) includes: 

(b4a) means for accessing said Kerberos 
Server means (20) to acquire an 
authentication response and a Ticket Granting 
Service. 
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6. (Original) A secure message transmission system in a Kerberos 
environment which permits a client-user to operate in a network 
for authentication request transmittal and message response 
without suspending client service when a Kerberos Server has not 
yet responded to an earlier request for an authentication message 
code signal, said system comprising: 

(a) client- terminal means (10) to indicate an original 
request for validation of an authentication message 
signal from a Kerberos Server (2 0) ; 

(b) program means (MARC 40 and COMS 42), under control 
of a Master Control Program (MCP60) , for transmitting 
requests for service to a Kerberos Support Library 
(34), a General Security Service Library (38) and 
Kerberos Server (20) for the return of an 
authentication response message to said client terminal 
means (10) from credential information placed in said 
General Security Service Library; 

(c) means for enabling said Kerberos Support Library 
(34) to elicit authentication information and Ticket 
Granting Service from said Kerberos Server (2 0) for 
deposit as validating credential data in said General 
Security Service Library (38) . 
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7. (Currently Amended) A method for asynchronous authentication of 
a non-preauthenticated originating terminal in a Kerberos domain, 
said authentication occurring without delay due to other 
concurrent requests for authentication by other terminals such as 
client -Users and principals, said method comprising the steps of: 

(a) originating a request, to a client-server, for 
authentication by a non-preauthenticated terminal [ [ j ] ] 
and including the step oft 

(al) originating concurrent multiple requests for 
authentication from multiple client-Users and 
principals; 

(b) processing said originating request and other 
originating requests concurrently [ [ ; ] ] and including 
the steps of; 

(bl) developing a set of identifying credentials 
for said originating terminal and including the 
steps of; 

(bla) requesting, via a communication means 
(MARC 40, COM942) , under control of a Master 
Control Program (MCP60) , a Kerberos Support 
Library (34) , and a Kerberos Server (20) for 
credentials and a session key; 

(bib) creating a credential structure by 
said Kerberos Support Library (34) to 
identify said originating terminal and 
provide a Ticket Granting Service; 
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(blc) generating, by a General Security 
Service Library (GSS 38) , OF A Name -Handle 
and GSS Credential Tag that identifies the 
originating terminal to said GSS (38) and to 
said Kerberos Support Library (34) ; 

(bid) generating a message, by said Kerberos 
Support Library (34) , to inform said 
communication means (MARC 40, COMS42) that 
the Kerberos authentication cycle has been 
successfully completed; 

(b2) asynchronously validating said originating 
terminal for use of a Kerberos domain; 

(c) responding back asynchronously by said client - 
server to authenticate the validity of said original 
requesting terminal without any delays due to other 
concurrent requests for authentication [ [ . ] ] which 
includes the step of; 



COMS42) to transmit an 


authentication 


signal 


from 


a Kerberos Support 


Library (34) 


to 


said 



originating terminal, 
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8 . (Cancelled) . 

9 . (Cancelled) . 

10 . (Cancelled) . 
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11. (Currently Amended) The method of [[claim 9]] claim 7 wherein 
step (bl) includes the steps of: 

(llbla) processing concurrent 

authentication requests via multi- 
threaded processing means to develop a 
specific credential for each originating 
terminal; 

(lib lb) conveying [ [said first] ] a 
completed authentication request to said 
Kerberos Support Library (34) and said 
communication means (MARC 40, COMS42) . 
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12 . (Cancelled) . 
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13. (Original) In a network wherein multiple client- terminals 
communicate with a client- server (13) , having a Kerberos Support 
Library (34) , and communicate with a communications means (MARC 
40, COMS 42), a General Security Service Library (38) and said 
client-server for accessing response information from a Kerberos 
server (20) , a method for enabling a requesting client- terminal 
to receive an authentication response message asynchronously from 
said Kerberos Server (20) comprising the steps of: 

(a) initiating an authentication command request by a 
requesting client- terminal; 

(b) utilizing a communication management system, under 
control at a Master Control Program (MCP60) , using a 
communication means having a communication management 
program (COMS 42) and menu assisted resource control 
program (MARC 40) to communicate said command request 
to said Kerberos Server (20) via said Kerberos Support 
Library (34) and to receive a Kerberos response message 
for credential processing by said General Security 
Services Library (38) which is then conveyed by said 
communication means (40, 42) to said requesting client- 
terminal . 
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14. (Original) The method of claim 13 which includes the step of: 

(c) Terminating the session between said client- 
terminal (10) and said Kerberos Support Library (34) 
once the authentication request response has been 
transmitted from said General Security Library (38) , 
thus allowing said client- server (13) to process other 
authentication requests. 
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15. (Currently Amended) The method of claim 13 wherein step (b) 
includes the step of: 

(bl) initiating an error message by said Kerberos 
Support Library (34) when a failure in 
authentication has been recognized; 

(b2) requesting, via said error message, that said 
client- [ [Terminal] ] terminal (b) should initiate a 
log-on. 
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